From 2026e66e86f35995eee32557c2f83f1d539ca9c7 Mon Sep 17 00:00:00 2001 From: Mark Newnham Date: Thu, 10 Dec 2020 19:34:10 -0700 Subject: DSN database connection with password containing # fails see #651 The # symbol disupts the parse_url function so the password is temorarily substituted during the url decoding phase --- adodb.inc.php | 42 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 39 insertions(+), 3 deletions(-) diff --git a/adodb.inc.php b/adodb.inc.php index 8a969b99..0c5c8b9e 100644 --- a/adodb.inc.php +++ b/adodb.inc.php @@ -4783,6 +4783,13 @@ http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/statements_1 if (!defined('ADODB_ASSOC_CASE')) { define('ADODB_ASSOC_CASE', ADODB_ASSOC_CASE_NATIVE); } + + /* + * Are there special characters in the dsn password + * that disrupt parse_url + */ + $needsSpecialCharacterHandling = false; + $errorfn = (defined('ADODB_ERROR_HANDLER')) ? ADODB_ERROR_HANDLER : false; if (($at = strpos($db,'://')) !== FALSE) { $origdsn = $db; @@ -4804,9 +4811,28 @@ http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/statements_1 $path = substr($path,0,$qmark); } $dsna['path'] = '/' . urlencode($path); - } else - $dsna = @parse_url($fakedsn); - + } else { + /* + * Stop # character breaking parse_url + */ + $cFakedsn = str_replace('#','\035',$fakedsn); + if (strcmp($fakedsn,$cFakedsn) != 0) + { + /* + * There is a # in the string + */ + $needsSpecialCharacterHandling = true; + + /* + * This allows us to successfully parse the url + */ + $fakedsn = $cFakedsn; + + } + + $dsna = parse_url($fakedsn); + } + if (!$dsna) { return false; } @@ -4832,11 +4858,20 @@ http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/statements_1 if (!$db) { return false; } + $dsna['host'] = isset($dsna['host']) ? rawurldecode($dsna['host']) : ''; $dsna['user'] = isset($dsna['user']) ? rawurldecode($dsna['user']) : ''; $dsna['pass'] = isset($dsna['pass']) ? rawurldecode($dsna['pass']) : ''; $dsna['path'] = isset($dsna['path']) ? rawurldecode(substr($dsna['path'],1)) : ''; # strip off initial / + if ($needsSpecialCharacterHandling) + { + /* + * Revert back to the original string + */ + $dsna = str_replace('\035','#',$dsna); + } + if (isset($dsna['query'])) { $opt1 = explode('&',$dsna['query']); foreach($opt1 as $k => $v) { @@ -4846,6 +4881,7 @@ http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/statements_1 } else { $opt = array(); } + } /* * phptype: Database backend used in PHP (mysql, odbc etc.) -- cgit v1.3